<?php
$isReloadable = false;
require_once("../../../pers/inc.config.php");
require_once('../../_inc/inc.session.php');
require_once('../../_inc/funct.html.php');

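// Form layout: row index => list of field descriptors. The rows other than 40
// come from the included constants file; element 0 of each descriptor is the
// field name, which this page also uses as the rgl_utenti column name.
$aCamForm = array();
require("_inc/const.campiUtente.php");
// Row 40 holds the password and its confirmation. It is skipped when the form
// is pre-filled below, so the stored password is never sent back to the browser.
$aCamForm[40][0] = array('password', 'Password', 4,6,'password',32, 64);
$aCamForm[40][1] = array('pwd2', 'ridigita', 4,6,'password',32, 64);

// testaHtml() below reads $msgPag, but only the 'salva' branch assigns it.
// Default it without overwriting a value an include may already have set.
if (!isset($msgPag)) {
	$msgPag = '';
}

if (reqVar('azione') == 'salva') {
	// Returns validation messages on failure; on success it redirects and exits.
	$msgPag = confMod($aCamForm);
} elseif (reqVar('azione') == '') {
	// First display: load the user row. The id is forced to an integer before
	// it is concatenated into the SQL text.
	$sqlSel = "SELECT * FROM rgl_utenti " .
			" WHERE id_utente = ".intval(reqVar('id'));
	$objDB->exec($sqlSel,'modRec');
	if (!$aRow = $objDB->fetch('modRec')) {
		// The raw id is request data: escape it before it goes into the message,
		// since it is not visible here whether backOnErr() renders it as HTML.
		// NOTE(review): confirm backOnErr() stops the script; otherwise the loop
		// below runs with $aRow === false.
		backOnErr("utentiMod - id. '".htmlspecialchars((string) reqVar('id'), ENT_QUOTES)."' mancante o errato");
	}
	// Pre-fill the form: the form helpers read their values from $_REQUEST.
	foreach($aCamForm as $rX => $aRX) {
		if ($rX == 40) continue;
		foreach($aRX as $jX => $aCX) {
			$_REQUEST[$aCX[0]] = $aRow[$aCX[0]];
		}
	}
	// Every role, with ur.id_utente set only for the roles this user holds.
	$sqlSel = "SELECT r.*,ur.id_utente FROM rgl_ruoli r " .
			" LEFT JOIN rgl_utenti_ruoli ur ON ur.id_ruolo = r.id_ruolo".
			"    AND ur.id_utente = ".intval(reqVar('id'))." ORDER BY r.cod_ruolo";
	$objDB->exec($sqlSel);
	while($aRow = $objDB->fetch()) {
		$_REQUEST['cbx_ruolo_'.$aRow['id_ruolo']] = ($aRow['id_utente']>0)?'S':'';
		$_REQUEST['cod_ruolo_'.$aRow['id_ruolo']] = $aRow['cod_ruolo'];
		$_REQUEST['des_ruolo_'.$aRow['id_ruolo']] = $aRow['descr'];
	}
}
// NOTE(review): no permission check is visible on this page; presumably
// inc.session.php restricts who may edit users and roles - confirm.
testaHtml('Gestione applicazione', $msgPag, 'gest');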
?>
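<?php
/*
 * Edit form for one user: command bar, the fields described by $aCamForm, the
 * role checkboxes, and a second command bar. All values are read back from
 * $_REQUEST through the form helpers.
 * Full "<?php" tags are used so the page does not depend on short_open_tag.
 */
?>
<table border="0" cellpadding="3" cellspacing="1" width="100%" align='center'>
   <tr>
      <td class="cmd1" align="right">
         &nbsp;&nbsp;&nbsp;
         <a class="cmd1" href="javascript:document.frm1.submit();" >salva</a>
			<?php echo cmdTorna('torna'); ?>
      </td>
   </tr>
</table>
<?=getHtmlForm('frm1','',array('enctype'=>true));?>
<?=getHtmlHidden('id');?>
<?=getHtmlHidden('azione','salva');?>
<?php
// NOTE(review): 'xsn' looks like a per-session request token; no check of it
// is visible in this file - confirm that the includes validate it before
// confMod() runs.
?>
<?=getHtmlHidden('xsn',XSN);?>
<table class="tab1" border="0" cellpadding="3" cellspacing="1" width="100%" align='center'>
	<?=getHtmlRigaRif();?>
<?php
echo getHtmlCampiForm($aCamForm);
?>
</table>
<table border="0" cellpadding="3" cellspacing="1" width="100%" align='center'>
   <tr>
      <td class="lab1" align="center" colspan='3'>Ruoli</td>
   </tr>
<?php 
// One table row per 'cbx_ruolo_<id>' entry in $_REQUEST. After a failed save
// those entries come from the browser, so the id suffix and the code and
// description texts are request data here, not database values.
// NOTE(review): browsers do not submit unchecked checkboxes, so after a failed
// save only the roles that were ticked are listed again.
foreach($_REQUEST as $nX => $vX) {
	if (substr($nX,0,10)!='cbx_ruolo_') continue;
	$idR = substr($nX,10);
	// The suffix becomes part of field names in the markup: accept digits only.
	if (!preg_match('/^[0-9]+$/', $idR)) continue;
?>
   <tr>
      <td class="txt1" align="center" width='1%'><?php echo getHtmlCheckBox('cbx_ruolo_'.$idR, 'S');?></td>
      <td class="txt1" align="left" width='10%'>
      	<?php
      	echo getHtmlHidden('cod_ruolo_'.$idR);
      	// Escaped because the text can come straight from the request.
      	// NOTE(review): drop the escaping if reqVar() already HTML-encodes.
      	echo htmlspecialchars((string) reqVar('cod_ruolo_'.$idR), ENT_QUOTES);
      	?>
      </td>
      <td class="txt1" align="left" width='89%'>
      	<?php
      	echo getHtmlHidden('des_ruolo_'.$idR);
      	echo htmlspecialchars((string) reqVar('des_ruolo_'.$idR), ENT_QUOTES);
      	?>
      </td>
   </tr>
<?php 
}
?>
</table>
<table border="0" cellpadding="3" cellspacing="1" width="100%" align='center'>
   <tr>
      <td class="cmd1" align="right">
         &nbsp;&nbsp;&nbsp;
         <a class="cmd1" href="javascript:document.frm1.submit();" >salva</a>
			<?php echo cmdTorna('torna'); ?>
      </td>
   </tr>
</table>
			<?php
echo "</form>\n";
codaHtml();
// Stop here so the function declared below is never run as page output.
exit();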
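/**
 * Validate the submitted user form and, when it is valid, save the user row
 * and replace the user's role assignments.
 *
 * Input is read from the request through reqVar()/reqVarAS() and $_REQUEST;
 * $_REQUEST['cod_utente'] is rewritten trimmed and lower-cased as a side effect.
 *
 * @param array $aCamForm form layout: row => list of field descriptors whose
 *                        element 0 is the field name, used as the column name;
 *                        row 40 (the password inputs) is handled separately
 * @return string validation messages as HTML, each ending in "<br>"; returned
 *                only when validation fails. On success the function sends a
 *                Location header and exits.
 */
function confMod($aCamForm) {
	global $objDB;
	$msg = '';
	// Every statement below concatenates the id into SQL text, so force it to
	// an integer once. The uniqueness query used the raw request value.
	$idUtente = intval(reqVar('id'));

	$_REQUEST['cod_utente'] = strtolower(trim(reqVar('cod_utente')));
	if (reqVar('cod_utente')=='') {
		$msg .= "Codice obbligatorio<br>";
	}
	if (preg_match("/[^-_a-z0-9]/",reqVar('cod_utente'))) {
		// The rejected code is echoed back inside an HTML message and by
		// definition holds characters outside the allowed set: escape it.
		$msg .= "Codice '".htmlspecialchars((string) reqVar('cod_utente'), ENT_QUOTES)
			."' puo' contenere solo lettere numeri '-' e '_'<br>";
	}
	if (trim(reqVar('cognome'))=='') {
		$msg .= "Cognome obbligatorio<br>";
	}
	if (reqVar('password') != reqVar('pwd2')) {
		$msg .= "password diverse<br>";
	}
	if (reqVar('e_mail')!='' && !verifEmail(reqVar('e_mail'))) {
		$msg .= "indirizzo e-mail non conforme<br>";
	}

	// The user code must be unique among all other users.
	// NOTE(review): reqVarAS() presumably escapes the value for a quoted SQL
	// literal - confirm; bound parameters are preferable if $objDB offers them.
	$sqlSel = "SELECT id_utente FROM rgl_utenti " .
			" WHERE cod_utente = '".reqVarAS('cod_utente')."'".
			"    AND id_utente <> ".$idUtente;
	$objDB->exec($sqlSel,'insIst');
	$aRow = $objDB->fetch('insIst');
	if ($aRow) {
		$msg .= "codice utente gia' esistente<br>";
	}
	if ($msg != '') {
		return $msg;
	}

	$sSqlUpd = "UPDATE rgl_utenti SET ";
	if (trim(reqVar('pwd2'))!='') {
		// NOTE(review): the password is stored as 'X' followed by the submitted
		// text, i.e. it is not hashed here. Switching to password_hash() and
		// password_verify() needs a matching change in the login check, which
		// is not part of this file.
		$sSqlUpd .= "password = 'X".trim(reqVarAS('pwd2'))."', ";
	}
	// Column names come from the $aCamForm layout, never from the request.
	foreach($aCamForm as $rX => $aRX) {
		if ($rX == 40) continue;
		foreach($aRX as $jX => $aCX) {
			$sSqlUpd .= $aCX[0]." = '".reqVarAS($aCX[0])."', ";
		}
	}
	// Drop the trailing ", " before appending the WHERE clause.
	$sSqlUpd = substr($sSqlUpd,0,-2)." WHERE id_utente = ".$idUtente;
	$objDB->exec($sSqlUpd);

	// Roles are replaced wholesale: delete all, then insert the ticked ones.
	// NOTE(review): these run as separate statements; no transaction is
	// visible here, so a failure midway leaves the user with fewer roles.
	$sSqlUpd = "DELETE FROM rgl_utenti_ruoli WHERE id_utente = ".$idUtente;
	$objDB->exec($sSqlUpd);

	foreach($_REQUEST as $nX => $vX) {
		if (substr($nX,0,10)!='cbx_ruolo_') continue;
		if ($vX != 'S') continue;
		// The role id is the suffix of a request field NAME, so it is as
		// untrusted as any value: force it to an integer and skip anything
		// that is not a positive id instead of concatenating it as-is.
		$idR = intval(substr($nX,10));
		if ($idR <= 0) continue;
		$sSqlUpd = "INSERT INTO rgl_utenti_ruoli SET id_utente = ".$idUtente
			.", id_ruolo = ".$idR;
		$objDB->exec($sSqlUpd);
	}

	header("Location: ".urlTorna("utente modificato"));
	exit();
}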
?>